Ransomware Attack at Nissan North America Impacts 53,000 Employees

Nissan North America, Inc. (NNA) has suffered a ransomware attack, compromising the personal information of over 53,000 employees.

The breach, which occurred on November 7, 2023, was discovered on February 28, 2024, after the attackers targeted Nissan's external VPN, leading to the shutdown of some systems and a ransom demand.

The incident involved a targeted cyberattack that was promptly addressed by NNA with the help of external cybersecurity professionals. Although the initial impact did not involve data encryption or complete system inoperability, a thorough investigation revealed unauthorized access to local and network data shares, mostly containing business-related information. However, personal data, including Social Security numbers of some current and former employees, was also accessed.

Nissan discovered the breach when abnormal activities were detected on its external VPN. The company quickly took steps to contain and mitigate the attack by collaborating with cybersecurity experts and law enforcement. In addition to immediate containment measures, Nissan undertook an extensive forensic investigation to ascertain the scope and impact of the breach.

The breach affected a total of 53,038 individuals. Notifications were sent out starting May 15, 2024, offering detailed information about the breach and protective measures to the affected parties. To assist those impacted, Nissan is providing 24 months of complimentary access to Experian's IdentityWorks services, which includes identity theft insurance and fraud assistance.

Following the attack, Nissan has implemented several security enhancements, including an enterprise-wide password reset, Carbon Black monitoring on all compatible systems, and regular vulnerability scans. The company is also undergoing a comprehensive review of its security processes to prevent future incidents.

Nissan urges all affected individuals to take advantage of the offered identity protection services. Steps include registering for Experian's IdentityWorks by August 30, 2024, and maintaining vigilance by monitoring credit reports and account statements for any unusual activities.

While Nissan reports no known misuse of the accessed data so far, the potential for identity theft exists, making it crucial for affected individuals to take proactive steps to protect their information. It is recommended that affected employees enroll in the offered credit monitoring service, monitor their financial accounts closely, and report any suspicious activities to law enforcement or credit agencies.